Privacy Policy
Last updated: 26 May 2026
This policy explains how Hypha Technologies Ltd ("Sente", "we", "us") collects, uses, and protects personal data in connection with the Sente service at getsente.io.
1. Who this applies to
- Subscribers — companies and individuals who sign up and pay for Sente
- Users — people who access a Sente account on behalf of a subscribing company
- Visitors — anyone who visits getsente.io
2. Who is the controller
Hypha Technologies Ltd is the data controller for all personal data processed in connection with Sente.
| Company | Hypha Technologies Ltd |
| Company number | 16665133 |
| Registered office | 86–90 Paul Street, London EC2A 4NE, UK |
| ICO registration | ZC029469 |
| Contact | support@getsente.io |
You can verify our ICO registration at ico.org.uk.
3. What we collect
| Category | Details |
|---|---|
| Account data | Email address, company name, contact name |
| Billing data | Subscription tier, payment status, invoice history. Card details are processed directly by Stripe and never stored by us. |
| Request content | The free-form monitoring request you submit describing companies to watch |
| Delivery configuration | Email address(es) you configure to receive Briefs |
| Usage data | Login timestamps, IP address, browser type, session metadata |
| Support communications | Emails and messages you send us |
What we do not collect:
- Card numbers or payment credentials (handled entirely by Stripe)
- Personal data about individuals at the companies you monitor — our monitoring targets publicly available company-level information
- Special category data
4. Why we use your data and our legal basis
| Purpose | Data used | Legal basis |
|---|---|---|
| Create and manage your account | Account data | Contract |
| Process payment and manage subscription | Billing data | Contract |
| Review and activate your Request | Request content | Contract |
| Deliver Briefs to configured addresses | Delivery configuration | Contract |
| Send service notifications (activation, billing, launch updates) | Email address | Contract |
| Fraud prevention and account security | Usage data, IP address | Legitimate interests |
| Service reliability and error logging | Usage data | Legitimate interests |
| Respond to support queries | Support communications | Contract / Legitimate interests |
| Comply with legal obligations (e.g. accounting records) | Billing data | Legal obligation |
| Send founder pricing reminder at month 11 | Email address | Contract |
We do not sell your personal data. We do not use it for advertising.
5. Who we share your data with
We share personal data only as necessary to operate the Service:
| Recipient | Purpose | Role |
|---|---|---|
| Stripe | Payment processing and subscription management | Independent controller under their own privacy policy |
| Hosting and infrastructure provider | Storing account data, Request data, and delivery configuration | Processor under contract |
| Email delivery provider | Sending Briefs and service notifications | Processor under contract |
| Law enforcement / regulators | Where required by law or court order | — |
We do not use third-party analytics, advertising technology, or social media embeds.
All processors are contractually bound to process your data only on our instructions and to apply appropriate security measures.
6. International transfers
We aim to host and process data within the UK and EU/EEA. Stripe operates globally from the United States; transfers to Stripe are covered by the UK-US Data Bridge and Stripe's Standard Contractual Clauses.
If we engage any other service that processes data outside the UK/EEA, we will implement appropriate safeguards (UK IDTA or EU Standard Contractual Clauses) before any transfer occurs.
7. Retention
| Data | Retention period |
|---|---|
| Account and subscription data | While your account is active; deleted or anonymised within 30 days of account closure |
| Billing and invoice records | 7 years (legal and accounting obligation) |
| Request content | While your subscription is active; deleted within 30 days of account closure |
| Usage and access logs | 12 months |
| Support communications | 2 years from last contact |
8. Security
We apply technical and organisational measures appropriate to the sensitivity of the data, including:
- TLS/HTTPS for all data in transit
- Encryption at rest for stored account and Request data
- Role-based access controls limiting who can view subscriber data
- Regular security patching and monitoring
No online service is perfectly secure. If you suspect unauthorised access to your account, contact support@getsente.io immediately.
In the event of a personal data breach likely to result in risk to your rights and freedoms, we will notify you and, where required, the ICO within 72 hours of becoming aware.
9. Cookies
The Sente web interface uses only:
- Strictly necessary session cookies — required to keep you logged in. These cannot be turned off.
We do not use analytics cookies, advertising cookies, or third-party tracking. No consent banner is shown because no consent is required.
10. Your rights
Under UK GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate data
- Erasure — ask us to delete your data (subject to legal retention obligations)
- Restriction — ask us to pause processing in certain circumstances
- Portability — receive your account data in a structured, machine-readable format (JSON or CSV)
- Object — object to processing based on legitimate interests, including marketing
- Withdraw consent — where processing is based on consent, withdraw at any time
To exercise any right, email support@getsente.io. We will respond within one month (extendable by a further two months for complex requests). Most requests are free; we may charge a reasonable fee for manifestly unfounded or excessive requests.
You may also lodge a complaint with the UK Information Commissioner's Office at ico.org.uk or with the data protection authority in your country of residence.
11. Personal data in your Request
Your monitoring Request may reference named individuals (for example, executives at companies you wish to monitor). We process such references only to configure your monitoring service. We treat this information as confidential and do not share it with other customers.
Please avoid including sensitive personal data (health information, financial details, etc.) in your Request. It is not needed for the Service to function.
12. Children
Sente is a business service for adults. We do not knowingly collect data from anyone under 18. If we become aware of such an account, we will close it and delete the associated data.
13. Changes to this policy
We will give at least 30 days' advance notice of material changes by email. Minor corrections or changes required by law may take effect immediately. The effective date appears at the top. We keep previous versions available on request.
14. Contact
For privacy questions, rights requests, or complaints:
Email: support@getsente.io
Post: Hypha Technologies Ltd, 86–90 Paul Street, London EC2A 4NE, UK
Formal legal notices may be sent to our registered office and copied to legal@getsente.io.